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Abstract 

A network service management server is provided for an internal network 
operated by a multi-system operator, at a selected location of the internal network, 

5 such as a network head-end. The server registers a client connecting to one of the 
network entities. It also assigns to the client an address associated with the one of 
the network entities to which the client is connected. The server manages network 
services by handling information relating to network services for the client based on 
the assigned address. The server can handle network services for the client based 

10 solely on the clients assigned IP address. 
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A server, system and method for providing access to a public network through an 
internal network of a multi-system operator 

Field of the Invention: 

5 

This invention relates to public network access, more specifically, to a 
server, system and method for providing access to a public network through an 
internal network of a multi-system operator 

10 Background of the Invention 

To date, most providers of high speed Internet provisioning systems connect 
a local area network (LAN) to the Internet through an on-site or local Internet 
provisioning server. This local provisioning server provisions, authenticates and 

15 provides a billing interface for Internet service. On the internal side of the LAN, the 
LAN site must offer some means of connecting the internal network traffic and 
routing it through a central system of the LAN. The internal side of the LAN may be 
made up of structured wiring/switches, digital subscriber line (DSL) technologies, 
wireless 802,1 1 devices, Ethernet over coaxial cables, and other hybrid systems to 

20 provide network connectivity to the LAN users. The Internet provisioning server 
connects directly to a router, which acts as a local connection to the Internet. 

There exists some multi-system operators (MSOs) offering high-speed 
Internet services through their internal networks. For example, some cable TV 
service providers offer high-speed Internet services through their cable modem 

25 networks for cable TV services. A cable modem network is a network of cable 
modems, A cable modem allows a user computer to connect with the Internet 
through the cable modem network. 

A nomadic user computer is often pre-configured to connect with a company 
network or other network which is foreign to the internal network of a multi-system 

30 operator. Thus, the user computer cannot operate on the internal network as it is. 
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For example, in a conventional cable modem network, a user computer that 
is configured to a foreign network cannot operate on the cable modem network. 
The user needs to modify the network configuration settings of the user computer 
to match those of the cable modem network. Adding a new user computer to the 
5 cable modem network usually involves system configuration changes and 
assistance from a technical support resource. 

It is, therefore, desirable to provide a new system and method, which allows 
users to receive Internet services through an internal network of a multi-system 
operator, such as cable modem network, while maintaining their computers* 
10 pre-configured network settings for a foreign network. 

Summary of the Invention: 

It is an object of the invention to provide a novel system and method that 

15 obviates or mitigates at least one of the disadvantages of the existing systems. 

The invention assigns to clients addresses that reflect the location of a client 
on a network. Traffic to or from an external network, such as Internet web traffic, is 
intercepted and forced through provisioning, authentication, registration and/or 
billing mechanisms prior to granting access to the external network. 

20 in accordance with an aspect of the present invention, there is provided a 

network service management server for managing network services for an internal 
network operated by a multi-system operator, the internal network being formed 
with network entities. The network service management server comprises a 
registration driver, an address assignment handler and an information handler. 

25 The registration driver is provided at a selected location of the internal network for 
registering a client connecting to one of the network entities. The address 
assignment handler is provided at the selected location of the internal network for 
assigning to the client an address associated with the one of the network entities to 
which the client is connected. The information handler is provided for handling 

30 information relating to network services for the client based on the assigned 
address. 



CA 02457368 2004-02-11 



• 3 

In accordance with another aspect of the invention, there is provided a 
network service management server for managing Internet services for a cable 
modem network having multiple cable modems and Cable Modem Termination 
Systems (CMTSs) for communicating with connected cable modems. The network 
5 service management server comprises a registration driver, an address 

assignment handler and an information handler. The registration driver is provided 
at a selected location of the cable modem network for registering a client 
connecting to one of the cable modems. The address assignment handler is 
provided at the selected location of the cable modem network for assigning to the 

10 client a client address associated with the one of the cable modems to which the 
client is connected. The information handler is provided for handling information 
relating to Internet services for the client based on the assigned client address. 

In accordance with another aspect of the invention, there is provided a 
method of managing network services for an internal network operated by a 

15 multi-system operator, the internal nelwork being formed with network entities. The 
method comprising the steps of registering, at a selected location of the internal 
network, a client connecting to one of the network entities, assigning to the client 
an address associated with the one of the network entities to which the client is 
connected; and handling information relating to network services for the client 

20 based on the assigned address. 

In accordance with another aspect of the invention, there is provided a 
computer readable medium storing the instructions or statements for use in the 
execution in a computer of the method of managing network services for an internal 
network operated by a multi-system operator, the internal network being formed 

25 with network entities. 

In accordance with another aspect of the invention, there is provided 
electronic signals for use in the execution in a computer of the method of managing 
network services for an internal network operated by a multi-system operator, the 
internal network being formed with network entities. 

30 In accordance with another aspect of the invention, there is provided a 

computer program product for use in the execution in a computer a method of 
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managing network services for an internal network operated by a multi-system 
operator, the internal network being formed with network entities. The computer 
program product comprises a module for registering, at a selected location of the 
internal network, a client connecting to one of the network entities, a module for 
5 assigning to the client an address associated with the one of the network entities to 
which the client is connected and a module for handling information relating to 
network services for the client based on the assigned address. 

Other aspects and features of the present invention will be readily apparent 
to those skilled in the art from a review of the following detailed description of 
10 preferred embodiments in conjunction with the accompanying drawings. 

Brief Description of the Drawings: 

The invention will be further understood from the following description with 
15 reference to the drawings in which: 

Figure 1A is a block diagram showing an IP provisioning system in 
accordance with an embodiment of the invention; 

Figure 1 B is a block diagram showing a network service management server 
in accordance with an embodiment of the present invention; 
20 Figure 1C is a flow block showing an operation of the network service 

management server; 

Figure 2 is a block diagram showing an example of the network service 
management server of Figure 1 B; 

Figure 3 is a block diagram showing a network service management server 
25 in accordance with another embodiment of the invention; 

Figure 4 is a block diagram showing a network service management server 
in accordance with another embodiment of the invention; 

Figure 5 is a block diagram showing one example of the registration driver 
of Figure 2; 

30 Figure 6 is a block diagram showing other components or functionalities of 

the network service management server; 
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Figure 7 is a block diagram showing one example of the location resolution 
handler of Figure 2; and 

Figure 8 is a block diagram showing another embodiment of the invention 
used in a different network. 

5 

Detailed Description of the Preferred Embodiments: 

The invention is suitably used for an internal network operated by a 
multi-system operator (MSO). The internal network comprises multiple network 
10 entities for connecting clients and routing client traffic. The invention allows 
management of external public network service offerings, such as the Internet 
service offerings, to the clients through the internal network. 

Embodiments of the present invention are now described for a cable modem 
network operated by a cable TV service company. However, the present invention 
15 may be applied to different types of internal networks of MSOs, such as but not 
limited to Digital Subscriber Line (DSL) networks. 

Figure 1A shows an IP provisioning system 2 for a cable modem network 10 
in accordance with an embodiment of the present invention. The cable modem 
network 1 0 may be a new or existing network that comprises cable modems 1 8 and 
20 Cable Modem Termination Systems (CMTSs) 14. 

The IP provisioning system 2 is provided at the cable head-end of the cable 
modem network 10 in a central site of a cable company operating the cable modem 
network 10, typically in or near a cable company Network Operations Center (NOC) 
16 where CMTSs 14 are provided. The IP provisioning system 2 acts as a gateway 
25 to the Internet 24 for the cable modem network 10. 

The cable modem network 10 provides connectivity to multiple cable 
modems 18, Cable modems 18 may be wired or wireless cable modems. 

A group of cable modems 18 is located in a local property 16, such as hotels, 
convention centers, public Internet locations such as coffee shops, waiting rooms 
30 ,airports and other properties which provide Internet services to users. 
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Each cable modem 18 has one or more ports or interfaces, each to accept 
connection with user's Customer Premise Equipment (CPE)120, such as a laptop 
computer, personal digital assistant (PDA) device or other Internet service access 
device, 

5 Cable modems 18 are connected to CMTSs 14 residing in the NOC 6. One 

or more cable modems 18 may be connected to a single CMT5 14. 

A CMTS 14 is capable of communicating with cable modems 18 connected 
to the CMTS 14, receiving signals sent upstream from CPEs 20 associated with the 
connected cable modems 18, converting the signals into Internet Protocol (IP) 
10 packets and routing the signals for connection to the Internet 24, and sending 
signals downstream to the associated CPEs 20 through the cable modems 18. 

Also, the NOC 6 may also have one or more CMTSs 14 which communicate 
with one or more cable modems 18 individually for individual subscribers who do 
not belong to any local properties 16. Those CMTSs may bypass the IP 
1 5 provisioning system 2, if desired. 

Cable modems 14 which are connected to CMTSs 14 are sometimes 
referred to collectively as "clients" or "network entities", hereinafter. 

The IP provisioning system 2 has network provisioning functionalities, 
authentication functionalities, and billing service functionalities to perform network 
20 provisioning, authentication services and billing services. 

The network provisioning functionalities include functionality that performs 
provisioning of cable modems. Also included is a plug and play functionality that 
allows users to use their CPEs 20 configured for a foreign network and connect 
them to the Internet 24 through the cable modem network 10 without changing the 
25 network configuration settings. Examples of network applications used for Internet 
services include email, Virtual Private Network (VPN) connectivity, instant 
messaging, and Voice over IP. 

The authentication functionalities include a registration functionality that 
allows users to register their CPEs 20 at desired cable modems 18. The network 
30 service management server 4 does not need to provision any cable equipment in 
order to operate as an authenticating gateway for CPEs connected to a CMTS. 
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The billing functionalities include client location resolution functionality that 
resolves a physical location of a cable modem 18 or its port to which a specific CPE 
20 is connected. The billing functionality allows the local property operator to bill 
each user based on a pay per use basis. These functionalities are further 
5 described below. 

The IP provisioning system 2 uses a network service management server 4 
and/or other servers to provide these functionalities. The network service 
management server 1 2 may act as a sole network provisioner or partial network 
provisioner for any or all cable modems 18 and the CPEs 20 connected to the 

10 CMTSs 14. When the network service management server 4 acts as a sole 

network provisioner, it performs all three functionalities. When acting as a partial 
network provisioner, it shares some functionalities with other network service 
management server or other third party server or system. A network service 
management server 4 may maintain public access Internet service across the 

15 entire cable modem network 10 r or may maintain public access Internet service to 
part of the cable modem network 10 for selected cable modems 18, 

Referring to Figure 1B, an embodiment is described where the network 
service management server 4 is embodied by a network service management 
server 12 that acts as a sole network provisioner and performs network 

20 provisioning functionalities, This embodiment is described using a hotel as an 
example of a local property 16. For simplicity of the drawings, a single cable 
modem 18 is shown in the hotel 16, and a single CMTS 14 is shown in an NOC 6. 

The CMTS 14 may operate in Routing Mode for routing traffic, or Bridging 
Mode for bridging traffic. The CMTS 14 may also perform filtering and traffic 

25 shaping. Preferably, the CMTS 14 is a Data Over Cable Service Interface 

Specification (DOCSIS) compliant system. Also, preferably, the cable modem 18 is 
a DOCSIS compliant device. The network service management server 12 
identifies, collects and dynamically maintains information on each cable modem 18, 
and/or a group of cable modems and CPEs 

30 A nomadic user can connect a CPE 20 that is configured to a foreign 

network to the cable modem 18. The CPE 20 may be a Dynamic Host 
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Configuration Protocol (DHCP) client CPE which does not have an IP address, or 
a statically configured client which has a static IP address assigned to it for the 
foreign network. The network service management system 12 can provide plug 
and play provisioning for statically configured client CPEs when the CMTS is 

5 operated in Bridging Mode, as described below. 

The network service management server 12 integrates with the cable 
modem network 10 to perform IP provisioning, authentication services and billing 
services for local property operators who subscribe to these services from the cable 
operator. Each point of connection to the cable modem network 10, e.g., each 

10 point where a local property is connected, is configured to present custom 

interfaces suitable for the local property owner. Custom interfaces may include 
registration screens, fee schedules and Internet connection options, as further 
described below. 

These functionalities are controlled and maintained by the network service 
15 management server 12 at the NOC 6. The cable company operator can assign 
different service offerings to individual cable modems or group of cable modems. 
Thus, for example, different hotels may provide different offerings to their 
customers. Also, different rooms in a hotel may have different offerings. 

Each cable modem 18 is identified by a unique Media Access Control (MAC) 
20 address. The information relating to each relevant cable modem 18, such as 
settings, billing schedules and connection options, is stored in a cable modem 
database 26. The stored information of each cable modem is linked to the MAC 
address of the cable modem. 

In Figure 1B, the database 26 is provided separately from the network 
25 service management server 12. However, the database 26 may be provided in the 
network service management server 12. 

The cable company operator or other installer may install cable modems 18 
for a local property 16. The network service management server 12 tracks and 
maps each cable modem 18 to its physical location, such as a guest room in a hotel 
30 16. This mapping information, i.e., the physical location of the cable modem 18 is 
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linked to the MAC address of the cable modem 18, and is also stored in the cable 
modem database 26. 

Using this mapping information, when a user connects a CPE 20 to a cable 
modem, the network service management server 12 can resolve the physical 
5 location, e.g., the guest room, from which the user connected the CPE 20 to the 
cable modem 18. 

The CPE 20 is thus provisioned and further authenticated by the network 

service management server 12. The network service management server 12 also 

manages and tracks billing information associated with the services offered through 
10 the cable modem network 1 0 for each CPE 20. The services offered by the network 

10 are billed on a pay per use basis (e.g., fixed time length, time based, bandwidth 

usage, per minute usage). 

As each cable modem is managed individually, the local property and the 

cable company may customize presentation pages, such as a registration page, 
is billing schedules and connection options, for each of the cable modems to have a 

localized look and feel as if the service is being provided at the local property. 

The network service management server 12 offers plug and play functionality 

for clients connecting their network CPEs 20 through a cable modem network. It 

offers nomadic users nomadic Internet service through the cable modem network. 
20 The network service management server 1 2 enables the users to maintain the 

pre-configured network settings of the CPEs to obtain such services. 

In order to provide this plug and play functionality, the network assigns a 

router-aware IP address to a CPE 20, and seamlessly redirects the CPE traffic to 

the external network, e.g., to the Internet 24. 
25 The server 12 provides transparent network access via two mechanisms: 

Network Address Translation (NAT): and Masquerading. 

NAT: Each internal system is given a unique IP address to communicate 

with the internet. This allows external connections to clients and facilitates User 

Datagram Protocol (UDP) based protocols as well, but will require that a sufficient 
30 set of routable IP numbers be available for assignment at each installation. The 

NAT is utilized for providing transparent network access. 
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Masquerading: Each internal system appears to the outside world with the 
IP address of the server. This requires special protocol-aware handlers (proxies) 
for protocols like active-mode File Transfer Protocol (FTP), which try to create 
independent return connections back to the client, and also modifications are made 
5 to support Transmission Control Protocol (TCP) "connections" (stateful packet 
inspection). 

Thus r the user can access the Internet 24 without changing the network 
configurations of CPE 20. The assignment of router-aware IP address is further 
described below in connection with the registration of CPEs. 

10 To allow connection of CPEs 20, the network service management server 12 

also performs registration and authentication services. Prior to registration for the 
network service, any attempts to access the services across the Internet 24 are 
detected and intercepted by the network service management server 12. The 
network sen/ice management server 12 invites the CPE 20 to register for the 

15 network service. The network service management server 12 resolves the location 
of registered CPE 20 using the information stored in the cable modem database, 
as further described below. Using the location of the CPE 20 and registration 
information, the network service management server 12 performs billing services. 
Figure 1C shows an example of operation of the network service 

20 management server 12. In this embodiment, the network service management 
server 12 handles network traffic for DHCP, time of day (TOD), Domain Name 
System (DNS) and TFTP, The network traffic is passed through the cable modem 
18 and the CMTS 14, 

When new cable modems 18 are installed or other certain events occur, the 

25 network service management server 12 receives a DHCP cable modem request 
and configuration request from each cable modem 18 (160). The network service 
management server 12 acts on these requests and provides modem configuration 
files based on the requests to the cable modems (162) by using, e.g., a Trivial File 
Transfer Protocol (TFTP). The TFTP server configuration file includes information 

so for the operating frequency, bandwidth limits, number of connections and 

Management Information Base (MIB) settings for the cable modem. The network 
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service management server 12 stores the cable modem MAC address and the 
physical location in the cable modem database (164). Once all relevant cable 
modems are provisioned, the network service management server 12 is ready to 
handle network traffic from and to CPEs. 
5 A user connects a CPE 20 which is a DHCP client CPE to a cable modem 

18 and attempts to access Internet services by issuing a DHCP request (170). The 
network service management server 12 sends a DHCP response to the CPE 20 
(172). 

The network service management server 12 extracts the MAC address of 

10 the cable modem from the DHCP request (174), and can use this information to 
determine the physical location from which the CPE 20 is connected (176) referring 
to the mapping information stored in the modem database 26. Also, using this 
information, the network service management server 12 presents a custom 
interface, such as a billing fee schedule and connection options, to the CPE 20 

15 (178). Through the custom interface, the user requests registration of the CPE 20 
for Internet services (180) by sending information of selected options. The network 
service management server 12 registers and authenticates the CPE 20 (182). 

Once the CPE 20 is provisioned and authenticated for service, upstream 
Internet traffic from the CPE 20 to the Internet 24 is routed through the cable 

20 modem 18, CMTS 14, network service management server 12 and router 22. 
Downstream Internet traffic to the CPE 20 is routed from the Internet 24 through 
router 22, network service management server 12, CMTS 14 and cable modem 18. 

These steps are performed for each and every capable modem that is 
associated with the network service management server 12. This is available 

25 across the cable modem network. 

Referring to Figure 3, another embodiment is described where the network 
service management server 4 is embodied by a network service management 
server 13 that acts as a partial network provisioner and shares the provisioning 
functions with a third party provisioning system 3Q. The network service 

3Q management system 1 3 works with the third party system 30. The network service 
management system 13 can retrieve cable modem information from the third party 
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system 30. Some MSO operators require the network architecture include a third 
party commercial cable modem provisioning system 30. While provisioning of 
some or all cable modems may be performed in the third party system 30, 
authentication, NAT, Proxy, billing, and Domain Name System (DNS) services take 
5 place on the network service management system 1 3 for the CPEs the network 
service management system 13 sees. The network service management system 
13 and the third party cable provisioning system 30 can serve DHCP and TFTP 
requests to the groups of cable modems associated to their respective provisioning 
system. 

10 The CMTS 14 is configured to route requests from CPE 20 to the network 

service management server 12 or the third party provisioning system 30 based on 
the MAC address of the cable modem 18. Thus, network traffic for DHCP, TOD, 
DNS, and TFTP is passed through the cable modem 18 and is sent to the third 
party provisioning system 30 or the network service management server 12. 

15 Referring to Figure 4, another embodiment is described where the network 

service management server 4 is embodied by a network service management 
server 15 that does not perform any network provisioning functions. Network traffic 
for DHCP, TOD, DNS and TFTP is passed through the cable modem 18 and is 
provisioned by a third party provisioning system 30. 

20 The third party provisioning system 30 handles the provisioning of the cable 

modems 18 and DHCP requests and configuration of the CPE 20. 

The network service management server 15 can retrieve the MAC address 
information and determines the physical location of the CPE from the CMTS 14 or 
from the third party provisioning system 30. The network service management 

25 system 12 can also perform authentication and billing functions without access to 
the CPE MAC address. 

In all embodiments shown in Figures 1B, 3 and 4, once the CPE 20 is 
provisioned and authenticated for service, upstream Internet traffic from the CPE 
20 to the Internet 24 is routed through the cable modem 18, CMTS 14, network 

30 service management server 1 2, 1 3 or 1 5 and router 22. Downstream Internet traffic 
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to the CPE 20 is routed from the Internet 24 through router 22, network service 
management server 12, 13 or 15, CMTS 14 and cable modem 18. 

The network service management server 4 is further described in detail 
using the network service management server 12 shown in Figure 1B, which has 
5 all three major functionalities of network provisioning, authentication and billing 
services. The network service management server 4 may have more or less 
functionalities or components than those described below. 

Figure 2 shows an example of components or functionalities of the network 
service management server 12. 

10 The network service management server 12 has a registration driver 40, a 

client entry store 41 , a DHCP server 42, a Network Address Translation (NAT) 
module 44, Simple Network Management Protocol (SNMP) daemon 46, a cable 
modem information handler 48 t the cable modem database 26, a Trivial File 
Transfer Protocol (TFTP) server 50, a packet filter module 99 ,a location resolution 

15 component 52, a billing data handler 54, a billing database 56, client interface 
handler 58, an authentication handler 60, a CMTS handler 62 and graphical tools 
64. 

The registration driver 40 handles registration of CPEs and manages 
address information and other information of registered and unregistered CPEs 
20 stored in a client entry store 41 . 

The packet filter module 99 provides basic security blocking. It also 
intercepts web and email traffic for unregistered clients and initiates a redirection to 
the client interface handler. 

The DHCP server 42 assigns dynamic IP addresses to devices on the cable 
25 modem network, e.g., CPEs and Cable Modems. . 

The NAT module 44 enables the cable modem network 10 to use one set of 
IP addresses for internal traffic and a second set of addresses for external traffic. 

The SNMP daemon 46 manages the cable modem network 10 by sending 
messages, called protocol data units (PDUs), to different parts of the network. 
30 SNMP-compliant devices, called agents, store data about themselves in 
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Management Information Bases (MlBs) and return this data to the SNMP 
requesters. 

The cable modem information handler 48 maps each cable modem 18 to a 
physical location and stores the mapping information in the cable modem database 
5 26. The cable modem mappings are further described below in detail. Also, it 
handles setting information relating to each cable modem 18, such as billing 
schedule and connection options, as described above. 

The TFTP server 50 provides TFTP provisioning service and sends 
configuration files to cable modems. In conjunction with the DHCP server 42, the 
10 TFTP server 50 can be used to send different configuration files to different 
modems or groups of modems. 

The location resolution handler 52 resolves physical locations of CPEs 20. 

The billing data handler 54 handles billing data of each CPE and stores the 
billing data in the billing database 56. 
15 The client interface handler 58 handles a client interface, such as 

presentation pages including registration pages and billing pages, for each local 
properly based on the information and data handled by the cable modem 
information handler 48 and billing data handler 54. 

The authentication handler 60 handles authentication of CPEs 20 based on 
20 the information and data handled by the registration driver 40 and cable modem 
information handler 48. 

The CMTS handler 62 handles communication with CMTSs 14 and 
information of CMTSs. 

Graphical tools 64 including tools for allowing users to configure settings or 
25 modify information or data handled by other components, such as the cable modem 
information handler 48, billing data handler 54, CMTS handler 62 and registration 
driver 40. An example of tools 64 is a configuration tool that allows users to 
configure CMTS definition, the modem mapping, and address range assignment to 
routing CMTSs. 

30 The network service management server 12 operates with multiple bridging 

and routing CMTSs connected to the network service management server 12 
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simultaneously. To this end, the network service management server 12 assigns 
specific CPE IP address ranges, cable modem IP address ranges and switch 
(maintenance) IP address ranges to each routing CMTS using the registration 
driver 40, A switch IP address is an IP address for a managed network device. 
5 The use of these IP addresses allows the network service management server 12 
to assign router-aware addresses to CPEs, modems, and network devices and 
thus allows operation of multiple routing CMTSs simultaneously. 

The registration driver 40 of Figure 2 is now described in detail. Figure 5 
shows an example of the registration driver 40. The registration driver 40 contains 
10 address assignment handler 80, router-aware address pools 82, a common 

bridged cable modem address pool 84, client entry handler 88, and a client entry 
store 41. 

The address assignment handler 80 assigns IP addresses to CPEs, cable 
modems and other network devices. Those IP addresses are selected from the 
15 CPE, cable modem and switch IP address ranges that are associated with specific 
routing CMTSs. 

The network service management system 12 supports multiple routing 
devices (routers), e.g., routing CMTSs. The address assignment handler 80 
assigns router-aware IP addresses to network devices. A router-aware IP address 

20 enables the network service management system 12 to identify from and to which 
router the traffic is sent. 

Bridging CMTSs share a common pool 84 of cable modem IP addresses. 
The address assignment handler 80 assigns to bridged CPEs IP addresses from 
standard bridged client IP address ranges, i.e., normal unrouted IP address ranges 

25 The IP address assignment is described in detail first for the CMTS operating 

in Bridging Mode. 

A CPE IP address may be assigned as follows for a CPE having a fixed or 
static IP address that is configured for a foreign network. When the user connects 
a CPE to a cable modem and boots the CPE, an Address Resolution Protocol 
30 (ARP) request is generated to see if this fixed IP address is already in use. The 
ARP request contains the fixed IP address and a MAC address of the CPE. The 
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network service management server picks up the ARP request and passes it to the 
packet driver 303 (shown in Figure 6). The packet driver 303 asks the registration 
driver 40 to look up this fixed IP address for the CPE MAC address. In this case, 
the registration driver 40 does not find a client entry having the CPE MAC address, 
5 and accordingly, the registration driver 40 transparently assigns to the CPE a new 
IP address from the pool of IP addresses available for the CPE. The packet driver 
303 performs NAT on the ARP packet. The CPE becomes an owner of the 
assigned IP address on the cable modem network. The registration driver 40 
registers the CPE using the assigned IP address with the option of using the CPE 

10 MAC address. 

When the network service management server 12 receives a packet from the 
CPE, the packet contains the fixed IP address of the CPE and the CPE MAC 
address. The network service management server passes the packet to the packet 
driver 303. The packet driver 303 examines the packet and obtains the CPE MAC 

15 address. It looks up the client entry in the registration driver 40 using the CPE MAC 
address, and determines the assigned IP address associated with the MAC 
address. If the assigned IP address is different from the fixed IP address, the 
packet is NATed to. include the assigned IP address, and then forwarded to the next 
stage for transmission to the destination. 

20 When the network service management server receives a packet from the 

Internet, the packet is passed from the packet filters to the ARP handler 307 (shown 
in Figure 6). In this case, assume that the packet contains a CPE MAC address of 
the destined client. The ARP handler 307 looks up the CPE MAC address. The 
packet is passed on to the packet driver 303 that looks up the client entry for the 

25 CPE MAC address and determines the assigned IP address associated with the 
CPE MAC address. It thus identifies the CPE to which the packet is destined. If the 
assigned IP address is different from the fixed IP address of the CPE, the packet 
driver 303 performs NAT on the packet so that the packet contains the fixed IP 
address. The packet is then transmitted to the CPE. 

30 Thus, the CPE can use its fixed IP address to send and receive messages. 

The user does not need to change the IP address of the CPE to connect to the 



CA 02457368 2004-02-11 



17 

cable modem network. The user can access Internet services through the cable 
modem network without changing the network configurations, e.g. the IP address. 

The IP address assignment is now described in detail for the CMTS operating 
in Routing Mode. 

5 The assignment of addresses in other scenarios and determination of the 

CPE MAC are further described below. 

Some existing routing CMTSs use publicly addressable IP addresses, such 
as ReallP (trade-mark). The network service management server 12 preferably 
supports those publicly addressable IP addresses, including ReallP to use with 

10 those routing CMTSs. 

The address assignment handler 80 allows configuration of multiple, distinct 
router aware pools 82 of IP addresses by a system operator. Each router-aware IP 
address pool 82 comprises masqueraded and/or routable address ranges , and is 
assigned to a specific routing CMTS. 

15 Graphical tools 64 shown in Figure 2 includes a configuration tool which is 

used to define the router-aware CPE, cable modem, switch address pools 82 and 
the bridged cable modem address pool 84. Also, graphical tools 64 include a tool 
which is used to define IP address ranges for each CMTS. Similar tools may also 
be provided in the registration driver 40. 

20 When clients are registered, the client entry handler 88 updates the 

information of the clients in the client entry store 41 . 

Each client entry 68 is router-aware, i.e., contains a router MAC address. 
An IP packet has a source MAC address of the most recent router, regardless of 
how many routers that packet has traversed. The network service management 

25 server 12 considers the source MAC address of an IP packet to be the router MAC 
address of the client sending that packet. Thus, a router MAC address for a client 
is automatically and dynamically set to the source MAC in the most recent IP 
packet sent from the IP address of the client. Consequently, the network service 
management server 12 always knows if a client message is being routed (router 

30 MAC != client MAC), and which router that the client is behind, or if the client is 
bridged (router MAC = client MAC). 
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Each IP packet also has a source IP address. The network service 
management server 12 considers the source IP address of the IP packet to be the 
client IP address. The network service management server 12 can determine the 
client MAC address by either examining DHCP packets sent from the client to the 

5 network service management server 1 2, or by querying a Management Information 
Base (MIB) on the router as described below.. 

Cable modems are considered by CMTSs as DHCP relay agents that 
relays DHCP messages to DHCP server 42 (Figure 2). Each client entry is also 
DHCP relay agent-aware, and contains a relay agent information (RAI) MAC 

10 address. 

When the client sends a DHCP option 82, the RAI MAC address is 
updated with the RAI MAC in the DHCP option 82 received from the client. A 
setting on most CMTSs enables the attachment of DHCP option 82 into DHCP 
DISCOVER packets which are forwarded by the CMTS to the other network 
15 devices, i.e., the network service management system 12 in this case. 

The RAI MAC is used in client location resolution as described below. The 
RAI MAC is also used as a means of determining if a network entity is a CPE (client 
MAC != RAI MAC) or cable modem (client MAC = RAI MAC). 

Accordingly, each client entry in the registration driver contains three MAC 
20 addresses: client MAC; router MAC; and RAI MAC. The combination of these three 
MACs provides the network service management system 12 with useful information 
about the client 

Each client entry includes the original IP( in the case of a statically 
addressed clients), assigned IP address, as well as the client MAC address, router 
25 MAC address and RAI MAC address. In some network configurations, the network 
service management server 12 may have access to. only a subset of the data which 
the network service management server 12 is capable of collecting. 

For example, in a routed cable network which uses a third party DHCP 
server, the network service management server 12 typically has access to only the 
30 router MAC address and the assigned IP address of the client In such a network, 
the network service management server 12 maintains entries for several clients 
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possessing the same router MAC address but client assigned IP addresses that are 

uniquely assigned to individual clients. 

The network service management system 12 is capable of identifying and 

processing clients by assigned IP addresses that are uniquely assigned to 
5 individual clients by the IP address assignment handler 80. This allows the server 

10 to handle routed clients even if the network service management server 12 is 

used for a routed cable network with a third party DHCP or does not receive DHCP 

traffic, and the network service management server 12 sees no client MAC 

addresses. Situations where the network service management system 12 receives 
to no DHCP traffic and therefore no client MAC addresses occur in routed cable 

networks which use a third party provisioning server as the sole provisioning agent 

or system 30 (Figure 4). 

The network service management server 12 sees the Internet-bound traffic 

in the form of (routermac, clientip), where "routermac" represents a router MAC 
15 address, and "clientip" represents the IP address of a client. The NAT module 44 

(Figure 2) creates multiple client entries in the registration driver based upon this 

traffic, with the client MAC = router MAC, i.e., as (clientmac, clientip). The client IP 

address is used to differentiate those multiple client entries. 

Thus, the network service management server 12 can operate solely upon 
20 client IP addresses. This allows the network service management server 12 to act 

more as a gateway with billing and location-related features, than as a provisioning 

gateway. 

The network service management server 12 may not receive traffic 
containing client MAC. In this case, if the routing CMTS offers an appropriate 

25 Management Information Base (MIB), then, the network service management 
server 12 can retrieve the client MAC in realtime from the routing CMTS when 
network service management server 12 tries to resolve a client's location. This 
occurs when a client is redirected to a menu for registration. This MIB must contain 
(MAC, IP) pairs, i.e., client MAC and IP address pairs, for the network entities which 

30 the CMTS routes. Here a client MAC is a CPE MAC or cable modem MAC. An 
example of this MIB is ipNetToMediaPhysAddress table. When such an MIB is 
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available and contains an entry for the IP address in question, the network service 
management server 12 automatically and in realtime retrieves the corresponding 
MAC and updates the client entry to be (clientmac, clientip) from (routermac, 
clientip). This provides the network service management server 12 with more 
5 specific data for that client. 

While the network service management server 12 is capable of using 
assigned IP addresses as the unique identifier for its clients, the network service 
management server 12 may collect other information for clients when that 
information is available to the network service management server 12. For 

10 example, when the network service management server 12 acts as the DHCP 
server for a routed cable network, the network service management server 12 has 
access to the client MAC addresses, and possibly the RAI MAC addresses, which 
are included in the DHCP packets. In that case, the network service management 
server 12 records these client MAC addresses, but still uses the client assigned IP 

15 addresses as unique identifiers for its clients. The other information which is 
collected, such as the MAC addresses, enables certain functionalities of the 
network service management server 12. For example, when the network service 
management server 12 has access to RAI MAC addresses, the network service 
management server 12 can perform the CPE location resolution using those RAI 

20 MAC addresses, as described below, 

The ability of using only the client assigned IP addresses as the unique client 
identifier allows the network service management server 12 to be integrated into a 
wide variety of network configurations. 

The SNMP daemon 46 shown in Figure 2 is described in detail. The SNMP 

25 daemon 46 allows the retrieval of client MAC from a MIB, such as 

ipNetToMediaPhysAddress table, and updates the client entry in the registration 
driver accordingly as described above. The SNMP daemon can also read other 
standard and non-standard MIBs (as required) in order to perform location 
resolution. 

30 The SNMP daemon 46 may also resolve the CPE's location based upon 

assigned IP address, instead of only the client MAC address. This offers 
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location-based functionality in routed environments in which the network service 
management server 12 does not have access to CPE MAC addresses (i.e. no 
DHCP traffic). 

The SNMP daemon 46 supports relevant DOCSIS MIBs on CMTSs for use 
5 in modem mapping and client MAC resolution, and supports some proprietary 
non-DOCSIS MIBs which offer CPE-modem association on, for example, Cisco 
UBR7000 series CMTS (trade-mark), Motorola BSR1000 CMTS (trade-mark), 
BSR64000 CMTS (trade-mark), Arris 1000 / Arris 1500 CMTS (trade-mark). This 
allows the server 12 to perform location resolution using only SNMP functionality on 
10 these CMTSs as opposed to using RAI-based location resolution. 

Cable modem mapping by cable modem information handler 48 shown in 
Figure 2 is now described in detail. The cable modem information handler 48 can 
map cable modems on a CMTS, i.e., insert information of the cable modems into 
the registration driver 40 and cable modem database 26 for use in CPE location 
15 resolution. It can map cable modems by referencing specific standard MIBs, such 
as standard DOCSIS MIBs on the CMTS. Thus, the cable modem information 
handler 48 can map cable modems on virtually any CMTS to which the network 
service management server 12 has at least read-only SNMP access. 

The cable modem information handler 48 does not need to receive any 
20 unsolicited traffic, such as DHCP, TFTP, TOD, from cable modems 18 in order to 
map them. The network service management server 12 retrieves enough 
information about cable modems 18 from the MIBs on the CMTS 14. 

The network service management server 12 stores modem mappings for 
multiple CMTSs. This allows the network service management server 12 to offer 
25 full functionality to multiple CMTSs simultaneously. 

Graphical tools 64 include a tool for controlling, viewing, and editing the 
results of modem mapping. 

The cable modem information handler 48 allows discretionary modem 
mapping. It provides a means to specify inclusion or exclusion lists listing cable 
30 modem MAC to be included or excluded. Thus, the cable modem information 
handler 48 can control which cable modems should be mapped and which cable 
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modems should not be mapped. This functionality is convenient when a CMTS is 
hosting cable modems which the network service management server 12 does not 
need to manage, or when the network service management server 12 performs 
different types of mapping on different groups of modems. 
5 There are two types of mappings: portless modem mapping and detailed 

modem mapping. Some cable modems have multiple ports or interfaces. 
Examples include ethernet, usb, and wireless interfaces. The portless mapping 
treats each cable modem as a single logical port without consideration of the 
number or types of the modem's interfaces. The detailed modem mapping maps 

10 each individual port or interface on a cable modem as distinct logical ports. 

The portless modem mapping is much faster than detailed modem mapping, 
since the modem's standard interface MIBs do not need to be queried by the 
network service management server 12. The detailed mapping may take a long 
time. However, it allows the network service management server 12 to treat the 

15 cable modems 18 as managed network devices. Other managed network devices 
may be placed behind the cable modems, and the network service management 
server 12 can offer full functionality to all devices. 

When the cable modem 18 is mapped in accordance with the portless 
mapping, the port resolution by the network service management server 12 

20 determines from which modem a CPE's traffic is originating. 

When the cable modem 18 is mapped in accordance with the detailed 
mapping, the port resolution by the network service management server 12 
determines from which modem interface a CPE's traffic is originating. 

The network service management server 12 communicates with the cable 

25 modem 18 to perform the detailed mapping. The network service management 
server 12 does not need to communicate with the cable modem 18 to perform the 
portless mapping. 

Once a cable modem to which a CPE is connected is mapped, location 
resolution of the CPE can be performed. Figure 7 shows one example of the 
30 location resolution handler 52 of Figure 1 B. The location resolution handler 52 has 
two CPE location resolution mechanisms: SNMP-based location resolution 90 and 
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DHCP option based location resolution 92. The location resolution handler 52 
performs the CPE location resolution using either the mechanism 90 or 92. 

The location resolution handier 52 can perform SNMP-based location 
resolution 90 when the network service management system 12 knows the CPE 
5 MAC address, i.e., when it either receives CPE DHCP traffic or has access to the 
ipNetToMediaPhysAddress MIB on the CMTS 14. In the absence of CPE DHCP 
traffic, the location resolution handier 52 queries a proprietary MIB (i.e. 
non-DOCSIS MIB) on the CMTS 14. This MIB provides CPE MAC - cable modem 
MAC association. Thus, based on the known CPE MAC address, the location 

10 resolution handler 52 can obtain the cable modem MAC address from the 
association and resolve the physical location of the cable modem using the 
information in the cable modem database 26. For this resolution 90, the CMTS 
should provide an adequate proprietary CPE MAC-cable modem MAC association 
MIB in response to the query. 

15 The location resolution handler 52 can perform DHCP Option based location 

resolution 92 when the network service management system 12 receives CPE 
DHCP traffic. The location resolution handler 52 automatically records the CPE's 
RAI MAC address based on the DHCP Option 82. The RAI MAC address is 
included in at least the CPE's DHCP DISCOVER packets, and in the CPE's client 

20 entry in the registration driver. 

This RAI MAC address will be the MAC address of the cable modem 18 to 
which the CPE 20 is connected. For modem DHCP DISCOVERS, the RAI MAC 
address is the same as the cable modem MAC. Therefore, if the network service 
management server 12 does not have access to a proprietary CPE-CM association 

25 MIB on the CMTS 14, and if the network service management server 12 receives 
CPE DHCP traffic, the network service management server 12 can use the RAI 
MAC address which it has recorded for the CPE in order to determine to which 
cable modem the CPE 20 is connected. 

When the cable modem 18 has been mapped in detail, the network service 

30 management server 12 can then proceed to query the modem's standard bridge 
MIBs to determine to which modem port the CPE is connected. 
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According to the above embodiments of the present invention, a cable 
operator can choose to offer nomadic Internet services as a wide area provider 
across their entire network. The existing cable network continues to provide 
conventional cable modem residential and commercial Internet service. In addition, 
5 a cable company can extend its offering to include service to nomadic Internet 
users. 

The Internet service can be billed on a pay per use basis. The clients 
authenticate and may pay for service using credit cards, pre-pay cards, or a 
subscription account. Any location where a cable company presently offers 

10 network service via a cable modem is configured to operate as a pay per use public 
Internet access node. 

Referring to Figure 6, additional components or functionalities included in 
the network service management server 12 are described. 

The network service management server 12 includes a packet driver 303. 

15 The packet driver 303 examines incoming packets. If the incoming packet is 
identified as a routed packet, the packet driver will assign an IP address equal to 
the original IP address. If the packet is a bridged packet, its MAC address is looked 
up in the registration driver 40, If this is the first time that this MAC address is 
encountered, then an IP address is assigned, and if the source IP address of the 

20 packet is a valid unassigned IP address, then that IP address will be assigned to 
that MAC address. Once the assigned IP address is determined, sanity tests are 
applied to ensure that the original IP address associated with the MAC has not 
changed in an unacceptable manner, if it has changed in an unacceptable manner 
then the entry is deleted, thus forcing the client to re-register if they were previously 

25 registered. If the assigned IP address is different from the original IP address in the 
client's packet then that IP address will be replaced with the assigned IP address in 
the IP or ARP header and the packet checksum recalculated according to the 
methods described in RFC-1624. If the packet contains a TCP or UDP packet then 
the checksum is further recalculated as above to account for the changed IP 

30 address in the pseudo-header associated with such packets as described in 
section 3.3 of RFC-1631 . 
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All outgoing packets have their source destination address looked up in the 
registration driver 40 (as an assigned IP address). If a matching entry is found then 
the original IP address is substituted provided it is non-zero and not equal to the 
current destination address. Then the packet's checksums are recalculated as 

5 described above for incoming packets. 

The network service management server 12 includes a packet filter input 
rules handler 305 and a packet filter forwarding rules handler 306 (referred to as 
packet filter rules handlers). The packet filter rules handlers 305, 306 allow packet 
filter rules that test the state of the registration entry flags for the source and/or 

10 destination addresses of packets. 

The network service management server 12 includes TCP/IP socket 
interface 31 1, a soin daemon 315 and a command line interface 317. The TCP/IP 
socket interface 31 1 is the standard socket networking interface, such as an 
interface provided by Linux, Unix. 

15 The soln daemon 31 5 is responsible for performing regular periodic backups 

of the registration driver. It also listens for UDP traffic on a specified port. The 
command line interface 317 offers an administrative and diagnostic tool to system 
administrators. It serves as a user space interface into the registration driver 40. It 
may be used to check the current state of the registration driver 40 or modify it. 

20 The network service management server 12 includes a POP server 313 for 

email service. A request to read or download mail is directed to the POP server 31 3 
if the client is attempting to access their e-mail without being registered. The POP 
server 313 limits the number of emails a client can send during a registration 
period. The POP server 313 counts the number of emails sent during the 

25 registration period. If the client exceeds a certain limit set by the administrator, the 
network service management server 12 will not permit any more emails to be sent 
by this client. This feature prevents the system from being used as a SPAM relay 
system. The registration period may be set in the registration driver 40. 

The network service management server 12 includes a registration Web 

30 server 310, and a redirection Web server 314, The registration Web server 310 
serves local content for the network service management server, which includes 
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the registration Web pages, administrative Web pages, and configuration Web 
pages. 

The registration Web pages serve as a client's portal to the services 
provided by the network service management server 12. This includes registering 

5 for access to the internet. The client may choose different methods of 

authentication, including port based or access code based. For example, in the 
port based authorization model, fee information is determined based upon their 
assigned IP address. For example, in access code based authentication, fee is 
determined based upon access codes which clients enter. The access codes may 

10 include prepaid access code and location based access code as described below. 
The administrative Web pages allow server administrators and staff to 
perform various tasks, including the checking current state of the registration driver, 
manual registration changes, modification of the settings of the components 
included in the network service management server 12, displaying of system health 

15 variables, displaying of billing information, and displaying and generating of access 
codes. 

The redirection Web server 314 listens for http traffic on a special port. 
When the redirection Web server 314 receives an http request, it will send the client 
to the registration Web server 310. 

20 The network service management server 12 includes a standard 

open-source DNS server 312 to handle their DNS requests. 

As described above, the registration driver 40 maintains an original IP 
address, an assigned IP address, client MAC address, router MAC address and 
RAI MAC address. The registration driver 40 further includes timing parameters to 

25 allow fixed-length registration periods, as well as inactivity timeouts for 

unregistered clients. The timing parameters may include: a creation time, a 
registration time, a registration expiry, an entry expiry, a last used, and flags. The 
creation time parameter shows the time that the IP address was assigned this 
client. The registration time parameter shows the time that the client was 

30 registered for Internet access through the registration process. The registration 
expiry parameter shows the time that the registration is due to expire. The entry 
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expiry parameter shows the time that the assigned IP address will be returned to 
the pool of free IP addresses. The last used parameter shows the last time there 
was traffic to/from the client system. The flags contain fait fields used to indicate the 
state and nature of a particular client (i.e. registered; DHCP; valid; permanent; etc.) 
5 The registration driver 40 maintains pools of both assigned IP addresses 

and unassigned IP addresses. The registration driver 40 maintains address pools 
for clients in a Virtual Private Network (VPN). 

As described above, the network service management server 12 provides 
multiple billing and payment options providing flexibility for MSOs and their 
10 customers, and has multiple features for registration/billing services. The network 
service management server 12 integrates with multiple billing systems, including 
cable account bills and property management bijjing systems in the hospitality 
industry. 

The network service management server 12 may provide the following 
15 functionality or components for registration and billing services. 

Property Management System 1 way (PMS1 way) :The network service 
management server 12 has a PMS 1 way component for posting charges to a client 
folio in a local property, such as a guest folio in a hotel. The PMS 1 way component 
supports interfaces, such as Micros Fidelio, Hilton, Springer Miller, Bell HOBIC, 
20 HIS, Galaxy, MSI, Encore, Lodgistix, Hitachi HOBIC, System 21, Yesware, and 
Comtrol. 

The network service management server 12 integrates with PMS allowing 
the charges for high speed internet access to appear on the user's folio. The guest 
simply selects the service when registering and the network service management 
25 server ports the charges directly to the folio of the hotel guest room via the PMS. 
This ensures that charges for high speed internet access usage appear on the 
guest bill. 

Property Management System 2 way (PMS 2 way) : The network service 
management server 12 has a PMS 2 way component for interacting with the 
30 property PMS system to post charges to a guest folio and to retrieve information 
from the PMS to present further authentication mechanisms, retrieve and apply 
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discounting. The PMS 2 way component supports interfaces, such as Micros 
Fidelio. The PMS 2 way integration allows group discounts and customization of 
greetings, while supplying the guest with on-line billing information. The PMS 2 way 
component pulls data from the PMS database. 
5 This enables additional features such as: 

- Check In/Check Out Status: All traffic may be blocked until a hotel room 
has been checked in. This means that until a hotel guest has registered with the 
property, no one else (i.e., unauthorized user, a housekeeper, or property staff) can 
use the service. 

10 - Folio Review: This feature allows the guests to view their current hotel 

charges outline. 

- Discount: This feature allows the property to apply discounts to Internet 
charges based on PMS settings. 

- Name Lookup: This feature allows the property to retrieve guest 

15 information from the PMS database. With this feature enabled, the property 
automatically customizes a registration page for each guest. 

RADIUS (Remote Authentication Dial-In User Service) Support : The 
network service management server 12 has a RADIUS support component for 
supporting full RADIUS AAA functionality. The RADIUS support component 

20 authenticates, authorizes and has accounting information sent to a RADIUS server 
on the Internet. The client is capable of having a central account configured, 
authenticated and billed for their usage directly to their account. 

The RADIUS support provides centralized account based authentication, 
permitting property owners the ability to offer brand-wide sales to major 

25 corporations and organizations. 

RADIUS manages customer accounts through user IDs and passwords. The 
network service management server 12 acts as a RADIUS client node and 
forwards user IDs and passwords to the RADIUS server for authentication. If there 
are multiple network service management server sites across the same brand, this 

30 feature allows property managers to user the same authentication information 
(username/password) at all participating sites. 
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r.rerm Card Support: The network service management server 12 has a 
credit card support component for supporting credit card settlement for Internet 
usage. The client is allowed to pay for their Internet usage via their credit card. 
Once the credit card is authenticated by a third party authorization service, the 
client is granted internet access. When configured for credit card authentication, 
the network service management server 12 routes credit information and charges 
securely to an Internet based transaction server for processing (such as Verisign, 
authorize.net). The network service management server 12 receives an approved 

or denied message in reply. 

Pre.p a iri Access Codes: The network service management server 12 has 
a pre-paid access codes component for generating pre-paid access codes to 
authorize clients for Internet service. Similar to a phone calling card, the client 
enters the pre-paid access code to gain Internet access. The pre-paid card has an 
associated amount of time the client can connect to the Internet. 

Specific levels of service associated with the access code may be set up by 
blocks of time, service levels, bandwidth and/or type of IP address. Access codes 
are designed for environments where the user will pay for the service at a desk or 
counter and receive a specific level of service. 

Users purchase an access code that is valid for predefined services and 
time. Once registered, a user is allowed to move from one room, or port to another. 
The pre-paid access codes component recognizes the user's unique MAC address 

and does not re-bill the user. 

For example, for conference or meeting rooms, access codes are generated 

for each port preventing fraudulent use. 

i ocatieD Based Access Codes : Properties may want to restrict access to a 
specific port, such as a port in a conference room, a business center or a lobby. 
The network service management server 12 supports such access restriction 
through location based access codes. A subscriber registers for service with an 
access code. 
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Multiple Registration Periods : The network service management server 12 
offers multiple registration periods. The registration periods may be offered as 
options to a client requesting/registering for Internet service. 

Multiple Service Classes : The network service management server 12 
5 offers multiple service classes. The service classes, such as speed of service, 
public vs private IP assignment, connection times, are offered as options to a client 
requesting/registering for Internet service 

B yte Based Billing : The network service management server 12 allows 
properties to bill the usage of the network. The network service management 
10 server 12 tracks client usage and bills by the amount of actual network traffic they 
have consumed. 

Time Based Billing : The network service management server12 allows 
properties to bill the minute, hour, day, week, month, year or decade, whatever 
parameters the property desires. The network service management server 12 

15 tracks the client connection time, which is similar to a long distance phone call. The 
client is charged by the number of minutes they are connected to the Internet. 
Alternatively, users may be charged incrementally on a per minute basis. 

The network service management server 12 may also have functionalities to 
provide the following services. 

20 Printing : The network service management server 12 offers a "driver-less" 

printing service. Clients using this feature select the service web page on the 
network service management server 12, They select the printing option. The 
system supports MS Office documents. Documents are uploaded to the network 
service management server 12, routed to a remote conversion server and returned 

25 to the server. The client has the option to preview the document before sending it 
to the printer. The property can charge a fee for the printing service. 

Walled Garden (Free Sites) : The network service management sever 
supports a free site list. Clients using the network service management server 12 
are capable of accessing only the web sites in the "free site" list until they have 

30 registered for Internet access. This feature has a set of tools that the site 
administrator can add/remove web sites from the list. 
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Proxy Support : The network service management server 12 accommodates 
client browsers that have been configured to route their web requests through a 
proxy server. The network service management server 12 has administration tools 
for modifying proxy ports, such as adding new proxy ports. The network service 
5 management server 12 supports a plurality of proxy ports, such as 

(1080,3124,8000,8080), and further adds new proxy ports. Using the tools, the 
network service management server 12 offers seamless proxy support for client 
computers pre-configured with proxy ports enabled in their browsers. 

VPN Support : The network service management server 12 supports Virtual 

10 Private Network (VPN). The VPN support permits client computers to connect to 
remote VPN services through the network service management server 12. Clients 
register for VPN service on network service management server 12. The clients 
may register for this service through the registration web pages. Once the network 
service management server 12 authenticates the clients, the client computers start 

15 their VPN client software and securely tunnel over the Internet back to their 

corporate network. All network traffic between the client computer and the remote 
VPN server is encrypted. The VPN traffic supported by the network service 
management server 12 include the traffic for Point-to-Point Tunneling Protocol 
(PPTP) and IP Security (IPSEC) protocols. 

20 The above embodiments have been described using a cable modem 

network. The network service management server 12 also integrates with various 
vendors hardware in addition to cable modems. 

Wireless Access Points : The network service management server 12 offers 
support for wireless access points. Generic wireless access points behave like a 

25 network hub. The network service management server 12 authenticates a client 
based on their MAC address. The network service management server 12 resolves 
location where the access point is connected to a managed switch. 

Wireless Bridges : The network service management server 12 integrates 
proprietary wireless bridges, which resolves the MAC address of the wireless 

30 bridge. If the MAC address of a wireless bridge is available, the wireless bridge is 
"mapped" to a guest room number. Using the capability, the network service 
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management server 12 determines where a client is connecting from, and having 
resolved the actual room a guest is connected to allows the network service 
management server 12 to bill directly to the guest's folio. 

The present invention may be applied to different networks operated by 

5 MSOs with appropriate modification. Different networks may comprise various 
network entities. An example of different MSO internal networks is shown in Figure 
8. The MSO internal network 100 comprises multiple network entities, including 
adapters which are capable of routing traffic from and to CPEs 20. The MSO 
internal network 100 are terminated with terminators 114 located in a network 

10 operations centre 106. The MSO network 100 may be Digital Subscriber Line 
(DSL) networks, or a network of satellites. 

For example, when the MSO internal network 100 is a DSL network , the 
network includes one or more DSL modems used as adapters 118 and one or more 
DSL concentrators used as terminators 114. DSL modems and DSL concentrators 

15 correspond to cable modems and CMTSs in the cable modem network described 
above, respectively. A DSL concentrator provides network traffic collection and 
relay services, similar to a CMTS in a cable modem network. DSL concentrators 
may be Digital Subscriber Line Access Multiplexers (DSLAMs). 

A network service management server 104, similar to network service 

20 management server 4 described above, integrates with the DSL concentrators and 
DSL modems. In the DSL network, DSL modems do not request IP addresses or 
request TFTP configuration files. Accordingly, the network service management 
server 104 queries the DSL concentrators to obtain information regarding DSL 
modems connected to the DSL concentrators, and CPEs connected to the DSL 

25 modems. The network service management server 104 also queries the DSL 
concentrators to determine to which DSL a CPE is connected, e.g., resolve the 
room/port/DSL modem location from which a guest is connecting his/her CPE. This 
is similar to querying a switch port to retrieve the switch and port a client is 
connected to. This switch/port map is then mapped to a physical room in the local 

30 property. The DSL concentrators may use a standard bridge MIB (RFC 1493), or 
other proprietary methods to track this information. The network service 
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management server 104 may perform, when appropriate, client data collection, 
network provisioning, client authorization and/or routing in similar manners in a 
cable modem network as described above. 

The embodiment described above may be implemented in hardware, 
software or in a combination of hardware and software. While particular 
embodiments of the present invention have been shown and described, changes 
and modifications may be made to such embodiments without departing from the 
true scope of the invention which is defined in the claims. 



CA 02457368 2004-02-11 



34 

What is claimed is: 

1 . A network service management server for managing network services for an 
internal network operated by a multi-system operator, the internal network being 

5 formed with network entities, the network service management server comprising: 
a registration driver provided at a selected location of the internal network for 
registering a client connecting to one of the network entities; 

an address assignment handler provided at the selected location of the 
internal network for assigning to the client an address associated with the one of 
10 the network entities to which the client is connected; and 

an information handler for handling information relating to network services 
for the client based on the assigned address. 

2. The network service management server as claimed in claim 1 , wherein: 

15 the registration driver registers the client with the assigned Internet Protocol 

(IP) address or Media Access Control (MAC) address. 

3. The network service management server as claimed in claim 1 , wherein: 
the registration driver registers the client in association with information of 

20 one or more network elements through which the client is routed. 

4. The network service management server as claimed in claim 1 further 
comprising: 

a network entity database for storing location information of a network entity 
25 in association with a MAC address of the network entity; and 

a location resolution handler for obtaining a network entity MAC address 
from network traffic sent from or to a client connected to the network entity, and 
resolving the location of the client based on the location information of the network 
entity using the client IP address or MAC address. 
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5. The network service management server as claimed in claim 4 wherein: 
the registration driver registers the client in association with a client IP 

address or client MAC address. 

6. The network service management server as claimed in claim 4 wherein: 
the internal network reflects one or more network entities which are routing 

devices; and 

the address assignment handler assigns to the client an address that 
includes information of one or more routing devices that the client traffic is routed. 

7. The network service management server as claimed in claim 6 wherein: 
the internal network includes one or more relay modules; and 

the address assignment handler assigns to the client an address that 
reflects information of one or more relay modules through which the client traffic 
passes. 

8. The network service management server as claimed in claim 4 wherein: 
the internal network includes network entities which are bridging devices; 

and 

the address assignment handler assigns to the client an address that 
reflects information of bridged network entities through which the client traffic 
passes. 

9. The network service management server as claimed in claim 4 wherein: 
the information handler handles billing information for a client based on the 

location of the client as resolved by the location resolution handler. 

10. The network service management server as claimed in claim 1 wherein: 
the client has a fixed address that is used for a foreign network; and 
the network service management server further comprises an address 

translator for translating the fixed address to or from the assigned address. 
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1 1 . The network service management server as claimed in claim 4 further 
comprising: 

a network entity provisioning handler for provisioning a network entity; and 
5 a network entity information handler for storing the provisioning information 

in the network entity database. 

12. A network service management server for managing Internet services for a 
cable modem network having multiple cable modems and Cable Modem 

10 Termination Systems (CMTSs) for communicating with connected cable modems, 
the network service management server comprising: 

a registration driver provided at a selected location of the cable modem 
network for registering a client connecting to one of the cable modems; 

an address assignment handler provided at the selected location of the 
15 cable modem network for assigning to the client a client address associated with 
the one of the cable modems to which the client is connected; and 

an information handler for handling information relating to Internet services 
for the client based on the assigned client address. 

20 13, The network service management server as claimed in claim 12, wherein: 
the registration driver registers the client based on the assigned IP address 
or MAC address 

14. The network service management server as claimed in claim 12, wherein: 
25 the registration driver registers the client in association with information of a 

CMTS to which the client is connected. 

15. A method of managing network services for an internal network operated by 
a multi-system operator, the internal network being formed with network entities, 

30 the method comprising the steps of: 
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registering, at a selected location of the internal network, a client connecting 
to one of the network entities; 

assigning to the client an address associated with the one of the network 
entities to which the client is connected; and 
5 handling information relating to network services for the client based on the 

assigned address. 



16, The method as claimed in claim 15, wherein: 

the registering step registers the client based on the assigned Internet 
10 Protocol (IP) address or Media Access Control (MAC) address. 



17. The method as claimed in claim 15, wherein: 

the registering step registers the client in association with information of one 
or more network elements through which the client is routed. 

15 

1 8. The method as claimed in claim 15 further comprising the steps of: 
storing location information of a network entity in association with a assigned 

IP address of the network entity; 

obtaining a network entity MAC address from network traffic sent from or to 
20 a client connected to the network entity; and 

resolving the location of the client based on the location information of the 
network entity using the client IP address or MAC address. 

19. The method as claimed in claim 18, wherein: 

25 the registering step registers the client in association with a client IP address 

or client MAC address. 



20. The method as claimed in claim 18 wherein: 

the assigning step assigns to the client an address that reflects information 
30 of the device through which the client is routed when one or more network entities 
are routing devices. 
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21 . The method as claimed in claim 20 wherein: 

the assigning step assigns to the client an address that reflects information 
of one or more relay modules through which the client traffic passes when the 
5 internal network includes one or more relay modules. 

22. The method as claimed in claim 18 wherein: 

the assigning step assigns to the client an address that reflects information 
of bridged network entities through which the client traffic passes when one or more 
10 network entitles are bridging devices. 



23. The method as claimed in claim 18 wherein: 

the information handling step handles billing information for a client based 
on the location of the client as resolved by the location resolution handler. 

15 

24. The method as claimed in claim 15 wherein: 

for a client having a fixed address that is used for a foreign network, 
translating the fixed address to or from the assigned address. 

20 25. The method as claimed in claim 15 further comprising the steps of: 
provisioning a network entity; and 

storing the provisioning information in a network entity database. 



26. A computer readable medium storing the instructions or statements for use 
25 in the execution in a computer of a method of managing network services for an 

internal network operated by a multi-system operator, the internal network being 

formed with network entities, the method comprising the steps of: 

registering, at a selected location of the internal network, a client connecting 

to one of the network entities; 
30 assigning to the client an address associated with the one of the network 

entities to which the client is connected; and 



CA 02457368 2004-02-11 



39 

handling information relating to network services for the client based on the 
assigned address. 

27, Electronic signals for use in the execution in a computer of a method of 
5 managing network services for an internal network operated by a multi-system 
operator, the internal network being formed with network entities, the method 
comprising the steps of: 

registering, at a selected location of the internal network, a client connecting 
to one of the network entities; 
10 assigning to the client an address associated with the one of the network 

entities to which the client is connected; and 

handling information relating to network services for the client based on the 
assigned address. 



15 28. A computer program product for use in the execution in a computer a 
method of managing network services for an internal network operated by a 
multi-system operator, the internal network being formed with network entities, the 
computer program product comprising: 

a module for registering, at a selected location of the internal network, a 
20 client connecting to one of the network entities; 

a module for assigning to the client an address associated with the one of 
the network entities to which the client is connected; and 

a module for handling information relating to network services for the client 
based on the assigned address. 



25 
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